package com.ngkj.zmfptback.sys.evaluator;

import com.ngkj.zmfptback.sys.bean.OperationEntity;
import com.ngkj.zmfptback.sys.bean.UserEntity;
import com.ngkj.zmfptback.sys.service.read.UserReadService;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.io.Serializable;
import java.util.List;

/**
 * @author ChenHN
 * @since 2021/12/2 creation
 **/
@Component
public class UserPermissionEvaluator implements PermissionEvaluator {

    @Resource
    private UserReadService userReadService;

    /**
     * hasPermission鉴权方法
     *      * 这里仅仅判断PreAuthorize注解中的权限表达式
     *      * 实际中可以根据业务需求设计数据库通过targetUrl和permission做更复杂鉴权
     *      * 当然targetUrl不一定是URL可以是数据Id还可以是管理员标识等,这里根据需求自行设计
     * @param authentication
     * @param targetDomainObject
     * @param permission
     * @return
     */
    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        //获取用户信息
        UserEntity userEntity = (UserEntity) authentication.getCredentials();
        List<OperationEntity> operationsByUserId = userReadService.getOperationsByUserId(userEntity.getId());
        String string = targetDomainObject.toString();
        return true;
    }

    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
        return false;
    }
}
